First standard for post-quantum signatures published
Digital signatures guarantee the authenticity of e-mails sent, SSL certificates or software updates – they create the basis of trust for all communication on the Internet. The publication of the signature procedure as an Internet standard is a milestone for post-quantum cryptographers.
Quantum computers with their enormous computing power will be able to solve complex tasks in a short time – for example, calculating climate models and chemical processes in pharmaceutical and materials research. But they can just as quickly and easily crack the keys to today’s common public-key crypto procedures. These procedures are the basis for confidential communication on the Internet as well as for the security of stored data.
Today, quantum computers are still hardly practical. However, their great potential makes the development of these new types of computers interesting; in addition to IT companies, secret services also invest considerable funds. Thus, the first practical computers of this kind are expected to be available in the foreseeable future. Since the development and dissemination of new encryption methods is time-consuming, cryptographers should react early to the foreseeable quantum leap in computing power.
Under the leadership of cryptography expert Professor Johannes Buchmann, researchers from the Technical University of Darmstadt and Genua have within three years developed a signature process that quantum computers will not be able to crack. The core of the solution is a hash-based procedure: hash functions only work in one direction, so once content has been hashed it cannot be converted back into the original text. Due to their properties, cryptographic hash functions are considered to be resistant to quantum computer attacks.
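To make the hash-based idea concrete, the following added example (not code from the article or from RFC 8391) implements a simplified Winternitz-style one-time signature using only SHA-256. The scheme standardized in RFC 8391 (XMSS) builds on a hardened variant of this construction and combines many one-time keys under a Merkle tree; the parameter names and the sample message here are assumptions chosen for illustration.

```python
import hashlib
import secrets

N = 32      # hash output length in bytes (SHA-256)
W = 16      # Winternitz parameter: each hash chain has W - 1 steps
LEN1 = 64   # base-16 digits in a 256-bit message digest
LEN2 = 3    # base-16 checksum digits (max checksum 64 * 15 = 960 < 16**3)

def chain(x: bytes, steps: int) -> bytes:
    """Apply the one-way function `steps` times; it cannot be run backwards."""
    for _ in range(steps):
        x = hashlib.sha256(x).digest()
    return x

def digits(message: bytes) -> list[int]:
    """Base-16 digits of the message digest, followed by checksum digits."""
    d = hashlib.sha256(message).digest()
    msg = [n for b in d for n in (b >> 4, b & 0x0F)]
    # The checksum falls when any message digit rises, so a forger who
    # advances one chain would have to reverse a checksum chain.
    csum = sum(W - 1 - m for m in msg)
    return msg + [(csum >> 8) & 0xF, (csum >> 4) & 0xF, csum & 0xF]

def keygen():
    """Secret key: random chain starts. Public key: the chain ends."""
    sk = [secrets.token_bytes(N) for _ in range(LEN1 + LEN2)]
    pk = [chain(s, W - 1) for s in sk]
    return sk, pk

def sign(sk, message: bytes):
    """Reveal, per digit d, the chain value d steps from its secret start."""
    return [chain(s, d) for s, d in zip(sk, digits(message))]

def verify(pk, message: bytes, sig) -> bool:
    """Finish each chain and compare the result with the public key."""
    if len(sig) != LEN1 + LEN2:
        return False
    return all(
        secrets.compare_digest(chain(s, W - 1 - d), p)
        for s, d, p in zip(sig, digits(message), pk)
    )

if __name__ == "__main__":
    sk, pk = keygen()
    msg = b"software-update-1.2.3"   # constructed sample message
    sig = sign(sk, msg)
    print(verify(pk, msg, sig), verify(pk, b"tampered", sig))
```

Each key pair may sign only one message: a second signature reveals more chain values and lets an attacker forge others.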
In order to disseminate the post-quantum signature procedure worldwide, the research team submitted a draft of an Internet standard (RFC) in cooperation with experts from the Eindhoven University of Technology. The international organisation IRTF (Internet Research Task Force) has examined this and has now published it as RFC 8391. This makes the method internationally recognized and universally applicable for generating quantum computer-resistant signatures. “RFC 8391 is the first published standard on post-quantum signatures. The research team of the TU Darmstadt and Genua solved a problem of post-quantum cryptography, on which several large companies and organizations are working, and made an important contribution to future security on the Internet,” said Matthias Ochs, CEO of Genua GmbH.